[OpenID] OpenID & Mozilla ...

Dick Hardt dick at sxip.com
Wed Jan 17 17:35:46 UTC 2007

Great to see interest in OpenID from Mozilla.

Are there any notes from the meeting that could be posted to  
specs at openid.net?

Since we allow Firefox to support OpenID now with our free addon  
Sxipper[1], we have some idea on the technical challenges.

Similar to Infocard support, markup that indicates the RP supports  
OpenID so that the browser can easily detect the support would be  
useful as far as OpenID is concerned.

-- Dick

[1] http://www.sxipper.com

On 16-Jan-07, at 11:13 PM, Scott Kveton wrote:

> As some folks have recently seen, Mozilla has listed OpenID as a  
> mandatory
> requirement for Firefox 3.0:
> http://radar.oreilly.com/archives/2007/01/firefox_30_requ.html
> As some people on this list have mentioned, what exactly does that  
> mean?
> Well, this afternoon there was a great gathering of OpenID, Mozilla  
> and
> security folks to discuss that very question.  I had a previous  
> meeting and
> arrived late but was glad that some really good discussion what OpenID
> support in Firefox could mean. Thanks so much Alex Faaborg and  
> Chris Messina
> for convening the meeting on such short notice!
> What was the outcome? Well, we (as in the OpenID community) need to  
> do some
> blue sky work. What would we like to see in Firefox that would make  
> OpenID
> better?  Bear in mind, its not guaranteed that we’ll get this  
> implemented in
> Firefox 3.0. However, if we can clearly identify what we’d like to  
> see as a
> community, then that might go a long way in helping Mozilla make it  
> happen.
> We've had this discussion before but now we have a really great  
> opportunity
> to (maybe) shape how it gets implemented in Firefox.
> For me personally, I’d love to see better support for anti-phishing  
> built
> into the browser. Something like core integration of the ph-off  
> extension.
> ph-off allows the user to define who their identity provider is and  
> then it
> modifies the chrome in Firefox any time you’re entering a password.  
> If the
> browser turns green, you’re in good shape. If the browser turns red,
> something bad is happening. This may not be the best paradigm to  
> use, but I
> like the idea of some seamless bits of code at the end-user machine  
> that
> helps secure it further and fix the phishing problem.
> What would you like to see?
> - Scott
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

More information about the general mailing list